Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader alerts us to an interesting development that Kaspersky Labs stumbled across. They purchased a new M&A Companion Touch netbook in order to test a new anti-virus product targeted at the netbook segment, and discovered three pieces of malware on the factory-sealed netbook. A little sleuthing turned up the likely infection scenario — at the factory, someone was updating Intel drivers using a USB flash drive that was infected with a variant of the AutoRun worm. "Installed along with the worm was a rootkit and a password stealer that harvests log-in credentials for online games such as World of Warcraft. ... To ensure that a new PC is malware-free, [Kaspersky] recommended that before users connect the machine to the Internet, they install security software, update it by retrieving the latest definition file on another computer, and transferring that update to the new system, then running a full antivirus scan."

snydeq writes "InfoWorld's Paul Venezia takes VMware's purported 'cloud OS,' vSphere 4, for a test drive. The bottom line: 'VMware vSphere 4.0 touches on almost every aspect of managing a virtual infrastructure, from ESX host provisioning to virtual network management to backup and recovery of virtual machines. Time will tell whether these features are as solid as they need to be in this release, but their presence is a substantial step forward for virtual environments.' Among the features Venezia finds particularly worthwhile is vSphere's Fault Tolerance: 'In a nutshell, this allows you to run the same VM in tandem across two hardware nodes, but with only one instance actually visible to the network. You can think of it as OS-agnostic clustering. Should a hardware failure take out the primary instance, the secondary instance will assume normal operations instantly, without requiring a VMotion.'"

a lot of linux and mac os x do not have a lot of features listed, nor did they have them when they were 'conceived.'

Nor do a lot of Windows Vista installs. Can you have those features on Linux/Mac OS X? Yes (excluding parental control, and keeping in mind we are talking about "approaches" more than how a certain feature exactly works. Because MS has patented that exact method so no one else can legally use it).

In the end, the OS is as secure as the user keeps it. You can have a super secure Windows/Linux/Mac installation, or equally have a very loose one.

And effectively hardening your OS implies you have to understand you might lose some functionality (see all those apps on Windows that fire up unneeded UAC prompts by doing the very wrong thing, or those apps on Linux that are happily unaware of SELinux) and do not bitch about it with the wrong people (the OS makers).

Although I concede you that there has been a certain mindset of "I run Linux/Mac OS so I'm inherently secure" that needs to be eradicated ASAP

Back on the topic, it doesn't matter what OS you choose, but develop good policies and stick with them and you'll be reasonably secure.

The GMA950 is going to be a pain as usual, so if you plan to run compiz like I do you should google for optimizations of the driver.It mostly boils down to insertingOption "MigrationHeuristics" "greedy"in the Device section of/etc/X11/xorg.conf but this might be outdated information.

However, this is to improve performances, the stuff will work (just slow, and compiz can REALLY slow down apps like Firefox)